From: LnxGnome on 13 Dec 2009 21:42

On Dec 13, 11:16 am, Mark Bartelt <m...(a)ingleside.cacr.caltech.edu> wrote:
> Nothing, either in the documentation, or in the observed
> behaviour, suggests that anything needs to be set either
> non-world-readable or non-group readable. Mode 0755 for
> the directories and 0644 for authorized_keys is perfectly
> fine.

Don't forget to check the CLIENT side permissions too

$HOME/.ssh/identity
$HOME/.ssh/id_dsa

Contains the RSA and the DSA authentication identity of the user.
These files contain sensitive data and should be readable by the user
but not accessible by others (read/write/execute).
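
Added example, not part of any post in this thread: a portable sh audit of the two permission rules discussed above (server-side paths must not be group/other writable, client private keys must not be accessible to group/other at all). The function names and the `--audit` switch are hypothetical, and the rules are assumed to be the ones OpenSSH enforces.

```shell
#!/bin/sh
# Added example. Mode rules are the ones OpenSSH applies (assumption; Sun SSH
# and ssh.com may differ). Ownership is not checked, only permission bits.

# mode_of PATH: print the 10-character mode string from ls, e.g. -rw-r--r--
mode_of() {
    ls -ld "$1" 2>/dev/null | cut -c1-10
}

# server_path_ok PATH: succeed unless group or others can write.
# 0755 directories and a 0644 authorized_keys pass, as stated in the thread.
server_path_ok() {
    case "$(mode_of "$1")" in
        "") return 2 ;;                          # path missing
        ?????w????|????????w?) return 1 ;;       # group-write or other-write
        *) return 0 ;;
    esac
}

# private_key_ok PATH: succeed only if group and others have no access at all.
private_key_ok() {
    case "$(mode_of "$1")" in
        ????------) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_home HOMEDIR: print one line per finding, return the number of findings.
audit_home() {
    ssh_dir="$1/.ssh"; findings=0
    for p in "$1" "$ssh_dir" "$ssh_dir/authorized_keys"; do
        [ -e "$p" ] || continue
        server_path_ok "$p" && continue
        echo "group/other writable: $p ($(mode_of "$p"))"
        findings=$((findings + 1))
    done
    for k in identity id_dsa; do                 # key names from the post above
        [ -e "$ssh_dir/$k" ] || continue
        private_key_ok "$ssh_dir/$k" && continue
        echo "private key exposed: $ssh_dir/$k ($(mode_of "$ssh_dir/$k"))"
        findings=$((findings + 1))
    done
    return "$findings"
}

# Run against a home directory only when asked: sh script.sh --audit [HOMEDIR]
if [ "${1:-}" = "--audit" ]; then audit_home "${2:-$HOME}"; fi
```
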

From: Dave on 14 Dec 2009 01:23

LnxGnome wrote:
> On Dec 13, 11:16 am, Mark Bartelt <m...(a)ingleside.cacr.caltech.edu>
> wrote:
>> Nothing, either in the documentation, or in the observed
>> behaviour, suggests that anything needs to be set either
>> non-world-readable or non-group readable. Mode 0755 for
>> the directories and 0644 for authorized_keys is perfectly
>> fine.
>
> Don't forget to check the CLIENT side permissions too
>
> $HOME/.ssh/identity
> $HOME/.ssh/id_dsa
>
> Contains the RSA and the DSA authentication identity of the user.
> These files contain sensitive data and should be readable by the user
> but not accessible by others (read/write/execute).

IIRC, the ssh implementation uses $HOME/.ssh2 for the ssh files - I
would check the man pages.

There is by the way an ssh newsgroup.

comp.security.ssh

I guess someone might have mentioned this before, but why bother using
the commercial ssh.com implementation?

--
I respectfully request that this message is not archived by companies as
unscrupulous as 'Experts Exchange'. In case you are unaware,
'Experts Exchange' take questions posted on the web and try to find
idiots stupid enough to pay for the answers, which were posted freely
by others. They are leeches.

From: Darren Dunham on 14 Dec 2009 16:52

On Dec 10, 1:00 am, The Derfer <derf...(a)gmail.com> wrote:
> ... but they, along with everybody else, assume OpenSSH is in use.
> Anyone tried this with Sun SSH recently or ever?

Sun SSH isn't much different from OpenSSH. It's mainly just an older
codebase.

In both cases, you should ask the server why it's not working. Easiest
way is often to start a separate server in debug mode and watch it
when you try to log in with your key.

    server# sshd -p 5555 -d
    [watch output...]

    client# ssh -p 5555 server

The server output should have information about looking for the
authorized key file and may give some output about why it's not
working.

--
Darren